Skip to content

Instantly share code, notes, and snippets.

@niryeffet
Forked from AndiDittrich/AesUtil.js
Created March 16, 2018 17:19
Show Gist options
  • Save niryeffet/99595f7a70db38acf238d7c3366b3f49 to your computer and use it in GitHub Desktop.
Save niryeffet/99595f7a70db38acf238d7c3366b3f49 to your computer and use it in GitHub Desktop.
Node.js - AES Encryption/Decryption with AES-256-GCM using random Initialization Vector + Salt
/**
* AES Encryption/Decryption with AES-256-GCM using random Initialization Vector + Salt
* @type {exports}
*/
// load the build-in crypto functions
var crypto = require('crypto');
// encrypt/decrypt functions
module.exports = {
/**
* Encrypts text by given key
* @param String text to encrypt
* @param Buffer masterkey
* @returns String encrypted text, base64 encoded
*/
encrypt: function (text, masterkey){
try {
// random initialization vector
var iv = crypto.randomBytes(16);
// random salt
var salt = crypto.randomBytes(64);
// derive key: 32 byte key length - in assumption the masterkey is a cryptographic and NOT a password there is no need for
// a large number of iterations. It may can replaced by HKDF
var key = crypto.pbkdf2Sync(masterkey, salt, 2145, 32, 'sha512');
// AES 256 GCM Mode
var cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
// encrypt the given text
var encrypted = Buffer.concat([cipher.update(text, 'utf8'), cipher.final()]);
// extract the auth tag
var tag = cipher.getAuthTag();
// generate output
return Buffer.concat([salt, iv, tag, encrypted]).toString('base64');
}catch(e){
}
// error
return null;
},
/**
* Decrypts text by given key
* @param String base64 encoded input data
* @param Buffer masterkey
* @returns String decrypted (original) text
*/
decrypt: function (data, masterkey){
try {
// base64 decoding
var bData = new Buffer(data, 'base64');
// convert data to buffers
let salt = bData.slice(0, 64);
let iv = bData.slice(64, 80);
let tag = bData.slice(80, 96);
let text = bData.slice(96);
// derive key using; 32 byte key length
var key = crypto.pbkdf2Sync(masterkey, salt , 2145, 32, 'sha512');
// AES 256 GCM Mode
var decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);
decipher.setAuthTag(tag);
// encrypt the given text
var decrypted = decipher.update(text, 'binary', 'utf8') + decipher.final('utf8');
return decrypted;
}catch(e){
}
// error
return null;
}
};
@insanehong
Copy link

What is license of your gist files?

Cloud you write license file like this ? : https://gist.github.com/rwaldron/1056460

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment